I'm testing a new GPO and followed the directions instructed from here. and so far my 1st two tests have been excellent! however in order to deploy this via msi + cfg.xml I placed the files in a shared namespace all domain users/systems can read and am concerned about the data inside the cfg.xml file I created. I created the original cfg.xml by using my workstations current configuration as a base, downloaded/saved it through ERA and modified it with ESET Configuration Editor, saved a new .xml file and it works...but when I opened the xml file by itself I found 2-3 sections I was slightly concerned about: 1: Our EAV-12345678 volume license Username is visible in plain text & our Password is a string of numbers and digits such as: "A1bj9w9wiwjfIFJASFASF8sXXx7skjdkw44w=", if everyone has read access to this file and manages to locate it on our network and opens it can they decode and walk off with our companys username and password? 2: There is a plugin id: -<PLUGIN ID="1000101"> -<PROFILES> -<NODE TYPE="SUBNODE" NAME="@My profile"> section that looks specific to my computer systems hardware? Do I really need my towers current USB device info on all my computer systems? Can I just remove the <plugin 1000101> section from the xml with no bad repercussions? 3: There is another plugin id: -<PLUGIN ID="1000200"> -<PROFILES> -<NODE TYPE="SUBNODE" NAME="@My profile"> that contains a bunch of trusted untrusted toggles I don't recognize looks http related but what spotted my attention was my own windows 7 username directory listing a ton of .exe's I've ran or had installed in my the past/currently on my computer system found under this node: -<NODE TYPE="XML" NAME="EPFWDATA" XML_VERSION="1"> -<BROWSERS> I don't want everyone at my company being able to see a list of executable applications on my computer for any non necessary reason, how can I remove this info?